<?php
require_once('common.inc.php');
require_once(_INC_PATH.'database.php');
require_once(_INC_PATH.'captcha.inc');
session_start();

$cmd = @$_REQUEST['cmd'];
$db = new database();
if($cmd == 'ajaxSearch')
{
	$name = @$_REQUEST['name'];
	$address = @$_REQUEST['address'];
	$tel = @$_REQUEST['tel'];
	
	$where_sql = "";
	if(!empty($name)){
		$where_sql .= " name like '%$name%' or";
	}
	if(!empty($address)){
		$where_sql .= " address like '%$address%' or";
	}
	if(!empty($tel)){
		$where_sql .= " tel like '%$tel%' or";
	}
	$sql = "select id,name from tbl_corporation where del_flg='0' and ( ".substr($where_sql,0,-2)." ) limit 5";
	//echo $sql;die;
	$db->setQuery($sql);
	$data = $db->loadList();

	if(!empty($data)){
		$temp = array();
		foreach($data as $key=>$value){
			$temp[] = $value['id'].'#|#'.$value['name'];
		}
		$data = $temp;
		echo json_encode($data);
	}else{
		echo json_encode('noFind');
	}
	
	die;
}elseif($cmd == 'add'){
	if(!get_magic_quotes_gpc()){
		foreach($_REQUEST as $r_k=>$r_v){
			$_REQUEST[$r_k] = addslashes(trim($r_v));
		}
	}
	
	$row['name'] = $_REQUEST['name'];
	$row['city_id'] = $_REQUEST['city_id'];
	$row['district_id'] = $_REQUEST['district_id'];
	$row['address'] = $_REQUEST['address'];
	$row['scale'] = $_REQUEST['scale'];
	$row['type'] = $_REQUEST['type'];
	$row['cid'] = '1';
	$row['ccid'] = $_REQUEST['ccid'];
	$row['email'] = $_REQUEST['email'];
	$row['tel'] = $_REQUEST['tel'];
	$row['fax'] = $_REQUEST['fax'];
	$row['product'] = $_REQUEST['product'];
	$row['description'] = htmlspecialchars($_REQUEST['description']);
	$row['del_flg']  = '0';
	$row['create_author']  = _getcookie("id");
	if($_REQUEST['cor_id'] != "")
	{
		$cor_id = $_REQUEST['cor_id'];
		$where = " where id='".$cor_id."'";
		$db->update($row,'tbl_corporation',$where);
		if(!empty($_FILES['corImg']))
		{
			$srcFile = $_FILES['corImg'];
			$destFile = array('width'=>'260','height'=>'160','img_name'=>'cor','upload_path'=>_IMG_PATH.'/corporation/'.$cor_id.'/');
			uploadImage($srcFile,$destFile);
			header("Location: /corporation/$cor_id.html");die;
		}
	}
	else
	{
		$cor_id = $db->insert($row,'tbl_corporation');
		if($cor_id > 0){
			if(!empty($_FILES['corImg']))
			{
				$srcFile = $_FILES['corImg'];
				$destFile = array('width'=>'260','height'=>'160','img_name'=>'cor','upload_path'=>_IMG_PATH.'/corporation/'.$cor_id.'/');
				uploadImage($srcFile,$destFile);
			}
			$sta_row['cor_id'] = $cor_id;
			$db->insert($sta_row,'tbl_statistic');

			header("Location: /corporation/$cor_id.html");die;
		}else{
			errorShow("error!");
		}
	}	
}elseif($cmd == 'checkWord'){
	$word = trim($_REQUEST['word']);
	$captcha = new captcha();
	$ret=$captcha->check_word($word);
	if($ret){
		echo 'ok';
	}else{
		echo 0;
	}
	die;
}elseif($cmd == "modify"){
	$cor_id = intval($_REQUEST['id']);
	$user_id = _getcookie("id");
	if($cor_id > 0 && $user_id > 0){
		$sql = "select * from tbl_corporation where create_author='$user_id' and id='$cor_id'";
		$corInfo = $db->loadRow($sql);
		$smarty->assign("district_id",$corInfo['district_id']);
		$smarty->assign("city_id",$corInfo['city_id']);
		$smarty->assign("scale",$corInfo['scale']);
		$smarty->assign("type",$corInfo['type']);
		if(findImg($cor_id)){
			$corInfo['corImg'] = findImg($cor_id);
		}
		$smarty->assign("corInfo",$corInfo);
		$smarty->assign("isModify","1");
	}else{
		errorShow("对不起，无企业ID号或您还未登录！");
	}
}

$sql = "select id,name from tbl_city where del_flg='0'";
$db->setQuery($sql);
$city_arr = $db->loadResultList('id','name');

$sql = "select id,name,city_id from tbl_district where del_flg='0'";
$db->setQuery($sql);
$district_arr = $db->loadResultList('id','name');
if(is_array($district_arr)){
	array_unshift($district_arr,'--请选择区域--');
}
$smarty->assign('city_arr',$city_arr);
$smarty->assign('district_arr',$district_arr);

$smarty->assign('cor_scale_arr',$cor_scale_arr);
$smarty->assign('cor_type_arr',$cor_type_arr);
$smarty->assign('cor_ccid_arr',$cor_ccid_arr);
Display("add_cor.tpl");

?>